Active Directory


O365 Phishing Attack Used Real-Time Validation against Active Directory

A phishing attack used real-time validation against an organization’s Active Directory in order to steal users’ Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world’s Top 50 most innovative companies for 2019 on a Friday evening.


Deliver IT Process Automation on Unlock Account, Password Reset, and Access Management via Microsoft Azure Active Directory Workflow Automation

Research shows that companies that excel at customer experience have 1.5 times more engaged employees than companies with a record of poor customer experience. It’s also clear that companies who invest in employee experience can see a higher ROI than those who don’t. So what should you exactly do to keep your employees happy? You can start by automating some of your IT processes so that employees can self-serve themselves.


The LLMNR/NBT-NS strike

Link-Local Multicast Name Resolution (LLMNR) and NetBIOS Name Service (NBT-NS) are two protocols that are used to identify a host address on a network when the DNS name resolution, which is the conventional method, fails to do so. When a DNS server is unable to resolve a request from a requester machine, the latter broadcasts a message to its peer computers asking for the location of the required server. Hackers leverage this operation to steal the credentials of the requester machine.


Permissions, access rights, and privileges: Active Directory and Azure Active Directory

Permissions, access controls, user rights, or privileges define what an identity can see or do in an organization. These terms are often used interchangeably based on context, and essentially perform the same function—granting or denying access to the resources in an enterprise.


Monitoring Applications That Use Azure ADFS

ADFS (Active Directory Federation Services) is a solution from Microsoft for single sign-on (SSO) functionality. It is used by organizations that have their users on Windows Servers to provide authentication and authorization to web-based applications or services outside the organization. ADFS implements federated identity and claim-based access control to authenticate and authorize users, thus maintaining security.


Securing Azure Active Directory from PowerShell abuse

Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a foreign program or device and immediately block them.